import { Controller, Get, Post, Body, Patch, Param, Delete, Query, UseGuards } from '@nestjs/common';
import { RolesService } from './roles.service';
import { CreateRoleDto } from './dto/create-role.dto';
import { UpdateRoleDto } from './dto/update-role.dto';
import { JwtAuthGuard } from '../auth/guards/jwt-auth.guard';
import { PermissionsGuard } from '../common/guards/permissions.guard';
import { Permissions } from '../common/decorators/permissions.decorator';
import { ApiTags, ApiOperation, ApiResponse, ApiBearerAuth } from '@nestjs/swagger';

@ApiTags('角色管理')
@ApiBearerAuth()
@Controller('roles')
@UseGuards(JwtAuthGuard, PermissionsGuard)
export class RolesController {
  constructor(private readonly rolesService: RolesService) {}

  @Post()
  @Permissions('role:create')
  @ApiOperation({ summary: '创建角色', description: '创建新角色，需要role:create权限' })
  @ApiResponse({ status: 201, description: '角色创建成功' })
  create(@Body() createRoleDto: CreateRoleDto) {
    return this.rolesService.create(createRoleDto);
  }

  @Get()
  @Permissions('role:read')
  @ApiOperation({ summary: '获取角色列表', description: '获取所有角色或指定组织的角色' })
  @ApiResponse({ status: 200, description: '返回角色列表' })
  findAll(@Query('orgId') orgId?: string) {
    return this.rolesService.findAll(orgId);
  }

  @Get(':id')
  @Permissions('role:read')
  @ApiOperation({ summary: '获取单个角色', description: '根据ID获取角色详情' })
  @ApiResponse({ status: 200, description: '返回角色信息' })
  findOne(@Param('id') id: string) {
    return this.rolesService.findOne(id);
  }

  @Patch(':id')
  @Permissions('role:update')
  @ApiOperation({ summary: '更新角色', description: '更新角色信息' })
  @ApiResponse({ status: 200, description: '角色更新成功' })
  update(@Param('id') id: string, @Body() updateRoleDto: UpdateRoleDto) {
    return this.rolesService.update(id, updateRoleDto);
  }

  @Delete(':id')
  @Permissions('role:delete')
  @ApiOperation({ summary: '删除角色', description: '根据ID删除角色' })
  @ApiResponse({ status: 200, description: '角色删除成功' })
  remove(@Param('id') id: string) {
    return this.rolesService.remove(id);
  }
  
  @Post('batch-delete')
  @Permissions('role:delete')
  @ApiOperation({ summary: '批量删除角色', description: '批量删除多个角色' })
  @ApiResponse({ status: 200, description: '角色批量删除成功' })
  removeMany(@Body('ids') ids: string[]) {
    return this.rolesService.removeMany(ids);
  }
  
  @Post(':id/permissions')
  @Permissions('role:update')
  @ApiOperation({ summary: '分配权限', description: '为角色分配权限' })
  @ApiResponse({ status: 200, description: '权限分配成功' })
  assignPermissions(
    @Param('id') id: string,
    @Body('permissionIds') permissionIds: string[]
  ) {
    return this.rolesService.assignPermissions(id, permissionIds);
  }

  @Get(':id/permissions')
  @Permissions('role:read')
  @ApiOperation({ summary: '获取角色权限', description: '获取角色的权限列表' })
  @ApiResponse({ status: 200, description: '返回角色权限列表' })
  async getRolePermissions(@Param('id') id: string) {
    const role = await this.rolesService.findOne(id);
    return role.permissionIds;
  }
} 